search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2000-11-10 2000-11-07 2001-08-08 VU#715973 ISC BIND 8.2.2-P6 vulnerable to DoS via compressed zone transfer, aka the "zxfr bug"
2001-07-24 2001-07-24 2001-08-07 VU#994851 Microsoft Services for UNIX Telnet server is vulnerable to denial of service via memory leak
2001-07-27 2001-07-05 2001-08-07 VU#898931 Multiple vendors' RADIUS implementations do not adequately validate user input thereby permitting DoS and arbitrary command execution via 'radiusd' daemon
2001-05-25 2000-05-11 2001-08-07 VU#35085 Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file
2001-06-15 2001-01-08 2001-08-07 VU#264272 Microsoft Internet Information Server (IIS) discloses contents of files via crafted request containing "%3F+.htr"
2001-06-15 2000-07-14 2001-08-07 VU#28565 Microsoft Internet Information Server (IIS) discloses contents of files via crafted request containing "+.htr"
2001-08-03 2001-07-11 2001-08-03 VU#321475 Allaire ColdFusion Server contains vulnerability allowing templates to be overwritten by zero byte file of the same name
2001-05-17 2001-01-23 2001-08-01 VU#982616 KDE2 kdesu 'keep password' option does not verify socket listener potentially exposing su password
2001-07-31 2001-06-04 2001-08-01 VU#127435 HPUX kmmodreg allows arbitrary file overwriting via symlink redirection of temporary file
2001-07-24 2000-09-26 2001-07-31 VU#664141 Debian glibc 2 symlink issue could allow arbitrary file overwriting
2001-07-27 2001-07-02 2001-07-30 VU#642239 Lotus Domino Server R5 vulnerable to Cross-Site Scripting via passing of user input directly to default error page
2001-07-27 2001-07-02 2001-07-30 VU#654643 Allaire JRun Java Application Server vulnerable to Cross-Site Scripting via passing of user input directly to default error page
2001-07-27 2001-07-02 2001-07-30 VU#981651 Caucho Technologies Resin vulnerable to Cross-Site Scripting via passing of user input directly to default error page
2001-07-27 2001-06-27 2001-07-27 VU#677611 SCO UnixWare bnuconvert contains buffer overflow via long string of characters sent as command line argument
2001-07-27 2001-06-27 2001-07-27 VU#593571 SCO UnixWare uux contains buffer overflow via long string of characters sent as command line argument

Sponsored by CISA.